dyld_shared_cache processing / Single-Image loading for BinaryNinja

Overview

Dyld Shared Cache Parser

Author: cynder (kat)

Dyld Shared Cache Support for BinaryNinja

No need to manually load several unrelated images or put up with the awful off-image addresses, and the output is better than IDA, Hopper, or any other disassembler on the market.

Installation + Usage

  1. Open the plugin manager
  2. Search for "Dyld" and install this plugin

Usage:

  1. Open Dyld Shared Cache file with BN
  2. Select the Image you would like to disassemble
  3. Congrats, you are now Reverse Engineering the Mach-O

Description:

This project acts as an interface for two separate projects: DyldExtractor and ktool. Mainly DyldExtractor.

DyldExtractor is a project written primarily by 'arandomdev', designed for standalone CLI dyld_shared_cache extraction. It is the best tool for the job, and reverses the majority of the "optimizations" that make DSC reverse engineering ugly and painful. With this plugin, Binja's processing should outperform IDA's, and won't require IDA's repeated right-clicking and manual loading of tons of modules.

This version of DyldExtractor has a lot of modifications (read: a lot of commented out lines) from the original designed to make it function better in the binja environment.

ktool is a multifaceted project I wrote for, primarily, MachO + ObjC Parsing.

It is mainly used for super basic parsing of the output, as we need to properly write the segments to the VM (and scrap all the dsc data that was originally in this file) so the Mach-O View knows how to parse it.

License

This plugin, along with ktool and DyldExtractor, is released under an MIT license. Both ktool and DyldExtractor are vendored within this project to make installation slightly simpler.


Comments
  • TypeError: cannot unpack non-iterable NoneType object

    Tried this just now, and got this, trying to extract the macOS 13.1 x86_64h cache:

    Successfully installed: Dyld Shared Cache Processor
    Loaded python3 plugin 'cxnder_bndyldsharedcache'
    Traceback (most recent call last):
      File "/Applications/Binary Ninja.app/Contents/MacOS/plugins/../../Resources/python/binaryninja/binaryview.py", line 2818, in _init
        return self.init()
      File "/Users/torarne/Library/Application Support/Binary Ninja/repositories/community/plugins/cxnder_bndyldsharedcache/dsc.py", line 101, in init
        stub_fixer.fixStubs(extraction_ctx)
      File "/Users/torarne/Library/Application Support/Binary Ninja/repositories/community/plugins/cxnder_bndyldsharedcache/DyldExtractor/converter/stub_fixer.py", line 1681, in fixStubs
        _StubFixer(extractionCtx).run()
      File "/Users/torarne/Library/Application Support/Binary Ninja/repositories/community/plugins/cxnder_bndyldsharedcache/DyldExtractor/converter/stub_fixer.py", line 1011, in run
        self._symbolizer = _Symbolizer(self._extractionCtx)
      File "/Users/torarne/Library/Application Support/Binary Ninja/repositories/community/plugins/cxnder_bndyldsharedcache/DyldExtractor/converter/stub_fixer.py", line 59, in __init__
        self._enumerateExports()
      File "/Users/torarne/Library/Application Support/Binary Ninja/repositories/community/plugins/cxnder_bndyldsharedcache/DyldExtractor/converter/stub_fixer.py", line 101, in _enumerateExports
        if depInfo := self._getDepInfo(dylib, self._machoCtx):
      File "/Users/torarne/Library/Application Support/Binary Ninja/repositories/community/plugins/cxnder_bndyldsharedcache/DyldExtractor/converter/stub_fixer.py", line 179, in _getDepInfo
        imageOff, dyldCtx = self._dyldCtx.convertAddr(imageAddr)
    TypeError: cannot unpack non-iterable NoneType object
    BinaryView of type 'DyldSharedCache' failed to initialize!
    No available/valid debug info parsers for `Raw` view
    Found more than 'analysis.limits.stringSearch' (0x100000) strings aborting search for range: 0 - 0x33be0000
    Analysis update took 12.239 seconds
    
    
    opened by torarnv 1
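
The traceback in the report above ends where the result of convertAddr is unpacked without a check. As an added illustration (not code from this plugin or from DyldExtractor), the sketch below parses the mapping table of a constructed cache header and converts VM addresses to file offsets, treating an address that no mapping covers as a normal outcome. The function names and the sample bytes are assumptions made for the example; the field layout is that of dyld_cache_header and dyld_cache_mapping_info.

```python
import struct
from typing import List, NamedTuple, Optional

class Mapping(NamedTuple):
    # dyld_cache_mapping_info: address, size, fileOffset (u64), then maxProt, initProt (u32)
    address: int      # VM address where the region is mapped
    size: int         # region length in bytes
    file_offset: int  # where the region starts in the cache file

def parse_mappings(cache: bytes) -> List[Mapping]:
    """Read the mapping table that the dyld_cache_header points at."""
    if len(cache) < 24 or not cache.startswith(b"dyld_v1"):
        raise ValueError("not a dyld shared cache")
    # header: char magic[16]; uint32 mappingOffset; uint32 mappingCount
    off, count = struct.unpack_from("<II", cache, 16)
    if off + count * 32 > len(cache):
        raise ValueError("mapping table runs past end of file")
    out = []
    for i in range(count):
        addr, size, foff, _maxp, _initp = struct.unpack_from("<QQQII", cache, off + i * 32)
        out.append(Mapping(addr, size, foff))
    return out

def convert_addr(mappings: List[Mapping], vmaddr: int) -> Optional[int]:
    """Return the file offset for vmaddr, or None if no mapping covers it."""
    for m in mappings:
        if m.address <= vmaddr < m.address + m.size:
            return vmaddr - m.address + m.file_offset
    return None

def resolve_images(mappings, image_addrs):
    """Split addresses into resolved offsets and unmapped ones instead of raising."""
    resolved, unmapped = {}, []
    for addr in image_addrs:
        off = convert_addr(mappings, addr)
        if off is None:  # check before use; unpacking a None here gives the TypeError
            unmapped.append(addr)
        else:
            resolved[addr] = off
    return resolved, unmapped

def build_sample_cache() -> bytes:
    """Constructed input: a 24-byte header plus two mappings (not from a real cache)."""
    header = b"dyld_v1 x86_64h\0" + struct.pack("<II", 24, 2)
    text = struct.pack("<QQQII", 0x7FF800000000, 0x4000, 0x0, 5, 5)
    data = struct.pack("<QQQII", 0x7FF840000000, 0x2000, 0x4000, 3, 3)
    return header + text + data

if __name__ == "__main__":
    maps = parse_mappings(build_sample_cache())
    print(resolve_images(maps, [0x7FF800001000, 0x7FF840000010, 0x7FF900000000]))
```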
  • prep for plugin manager

    Looks like only two changes are required to get this added to the BN plugin manager. The first is to add a requirements.txt -- while ktool and DyldExtractor are versioned, capstone is still a requirement of DyldExtractor so it would be nice to expose that.

    Or, better yet, replace the disassembler with BN's own disassembly to remove the dependency entirely. That also means there's no need to hack around the lack of PAC instructions as BN can disassemble those just fine.

    The other step is to make a release, then we can add the plugin directly to the plugin manager which would be really handy!

    opened by psifertex 1
  • fix relative imports for built-in BN Py 3.8.9 on MacOS

    I'm not sure whether it's the exact python version or the fact that I'm using the BN shipped Python versus homebrew / ports but I'm unable to use the plugin as-is on MacOS without this change. I don't know how much this versioned DyldExtractor has differed, happy to test/submit upstream in the parent repo if you prefer.

    opened by psifertex 0
Releases(1.0.0)
Owner
cynder
macOS/iOS development @ reverse engineering chick. // maintainer of the iPhone Dev Wiki (https://iphonedev.wiki)